security

Posted on by Jean-Luc Aufranc (CNXSoft) - 4 Comments on Android P Developer Preview Released with Indoor Positioning, Display Notch Support, HDR VP9 Video, and More

Android P Developer Preview Released with Indoor Positioning, Display Notch Support, HDR VP9 Video, and More

Android-P-Cutout-Indoor-Location

Google has just announced the release of the first developer preview for Android P mobile operating system, as the company is looking for feedback from developers who can use the official Android emulator, as well as images for Pixel, Pixel XL, Pixel 2, and Pixel 2XL devices for testing Google will take into account comments from developers before finalizing the APIs and features. That won’t be the only preview however, as the company plans to release other developer previews planned before the stable release at the end of the year, and Google aims to reveal more at Google I/O 2018 next week. Some of the interesting changes and new features found in Android P so far: Indoor positioning with Wi-Fi RTT (Round Trip Time) also known as 802.11mc WiFi protocol Display cutout support for some of the new phones with a notch Improved messaging notifications, for example highlighting who is […]

Posted on by Jean-Luc Aufranc (CNXSoft) - 5 Comments on Over 40 Android Phone Models Ship Infected with Trojan

Over 40 Android Phone Models Ship Infected with Trojan

If you want to buy a cheap Android phones, one way is to go to some Chinese e-retailers and purchase the phone that matches your requirements. Most phones will work reasonably well, but one thing that’s common to most/all Chinese manufacturers is lack of firmware updates and concerns for security. So you may only get 2 or 3 firmware update during the lifetime of your phone, if any, and usually the Android security patch is rather old. But Dr.Web discovered several Android smartphone models that ships with a Trojan (Android.Triada.231), in other words, the stock firmware is already infected with malware. The company found over 40 injected models, but the list may still grow Android.Triada trojans infect the Zygote process, which is used to launch all applications in Android. Once the module is infected, it becomes possible to download and launch software without the user’s knowledge. The 231 variant of […]

Posted on by Jean-Luc Aufranc (CNXSoft) - 5 Comments on NXP Unveils A71CH Secure Element Chip for Secure Peer-to-Peer or Cloud Connections

NXP Unveils A71CH Secure Element Chip for Secure Peer-to-Peer or Cloud Connections

The industry clearly has an issue at hand with the security of the Internet of Things, and the problem is complex as some devices are easily accessible due to bad configuration (e.g. default username/password), while others may have security flaws at various levels of the software stack from the low level bootloaders to the operating systems, and applications. Nowadays, devices also need to be upgradeable, and communicate with the cloud, and that introduces other attack vectors in case malignant firmware is installed instead, or a man-in-the-middle attack occurs. While some people may claim security can be achieved by software only, we are seeing security evolving towards combined software and hardware solutions, for example with Arm Trustzone built into SoCs, but some companies are also introducing Secure Element chip, which Samsung has already done and integrated into their Artik  modules to secure data from the hardware to the cloud. NXP has […]

Posted on by Jean-Luc Aufranc (CNXSoft) - No Comments on AAEON FWS-2360 Denverton Desktop Network Appliance Supports up to 6 Ethernet Ports, SATA Storage

AAEON FWS-2360 Denverton Desktop Network Appliance Supports up to 6 Ethernet Ports, SATA Storage

Last summer, we started to see products and motherboards based on Intel Atom C3000 series Denverton SoC, including GIGABYTE MA10-ST0 server motherboard and Axiomtek NA362 network appliance with up to 10 LAN ports. AAEON has informed me they’ve launched their own Denverton network appliance with AAEON FWS-2360 equipped with a pair of fiber/copper SFP GbE ports, four  GbE ports and two Mini-card slots to accommodate WiFi and 4G LTE expansion. The device also comes with an mSATA socket and a 2.5” SATA bay for storage.   AAEON FWS: SoC (one or the other) Intel Atom C3308 dual core Denverton processor @ 1.60 / 2.20 GHz with 4MB cache; 9.5W TDP Intel Atom C3558 quad core Denverton processor @ 2.20 GHz with 8MB cache; 16W TDP System Memory Dual core – 1x DDR4 SODIMM ECC DIMM Quad core – 2x DDR4 SODIMM ECC DIMM Storage – On-board eMMC flash up to […]

Posted on by Jean-Luc Aufranc (CNXSoft) - 9 Comments on MINIX NEO N42C-4 Mini PC Review – Part 2: Windows 10 Pro

MINIX NEO N42C-4 Mini PC Review – Part 2: Windows 10 Pro

MINIX NEO N42C-4 is the first Apollo Lake mini PC from the company, which also happens to be their first one with a fan, using internal antennas for WiFi and Bluetooth, and offering user-upgradeable storage and memory thanks to M.2 and SO-DIMM slots. The device also features three video output via HDMI 2.0, mini DiplayPort, and USB Type C  ports supporting up to three independent display. I’ve received a sample and already checked the hardware, and showed how to install an M.2 SSD and SO-DIMM RAM to the device in the first part of the review entitled  MINIX NEO N42C-4 Triple Display Capable Mini PC Review – Part 1: Unboxing and Teardown, so I’ll report my experience with Windows 10 Pro in the second part of the review, and there should also be a third part specifically dealing with Linux support. MINIX NEO N42C-4 Setup, System Info, BIOS The device […]

Posted on by Jean-Luc Aufranc (CNXSoft) - 36 Comments on Intel Apollo Lake Windows 10 Benchmarks Before and After Meltdown & Spectre Security Update

Intel Apollo Lake Windows 10 Benchmarks Before and After Meltdown & Spectre Security Update

So this week, there’s been a fair amount of news about Meltdown & Spectre exploits, which affects all major processor vendors one way or another, but especially Intel, and whose mitigations require operating systems and in some case microcode updates that decrease performance for some specific tasks. Microsoft has now pushed an update for Windows 10, and since I’m reviewing MINIX NEO N42C-4 mini PC powered by an Intel Pentium N4200 “Apollo Lake” processor, and just happened to run benchmarks before the update, so I decided to run some of the benchmarks again to see if there was any significant difference before and after the security update. First I had to verify I had indeed received the update in the “installed update history”, and Windows 10 Pro was updated on January 5th with KB4056892, which is what we want, so let’s go ahead. Benchmarks before Update PCMark 10 is one […]

Posted on by Jean-Luc Aufranc (CNXSoft) - 15 Comments on Intel Hardware Security Bug Fix to Hit Performance on Windows, Linux…

Intel Hardware Security Bug Fix to Hit Performance on Windows, Linux…

Many security bugs can be fixed without performance penalty , but according to reports Intel processors have a hardware bug – whose details have not been disclosed yet (embargo) – that seems to affect all operating systems including Windows, Linux, Mac OS, etc…, and the fix may lead to significant performance hits for some tasks. We know a bit more thanks to the Kernel Page Table Isolation (KPTI) patch for Linux that enables the fix/workaround with X86_BUG_CPU_INSECURE feature. The fix used to be called KAISER, and there’s an explanation on LWN about “hiding the kernel from user space” about the issue: On contemporary 64-bit systems, the shared address space does not constrain the amount of virtual memory that can be addressed as it used to, but there is another problem that is related to security. An important technique for hardening the system is kernel address-space layout randomization (KASLR), which randomizes […]

Posted on by Jean-Luc Aufranc (CNXSoft) - 7 Comments on Help Testing TLS 1.3 Compatibility for a More Efficient & Secure Internet

Help Testing TLS 1.3 Compatibility for a More Efficient & Secure Internet

Transport Layer Security (TLS) is the protocol that allows for secure websites (via https), and currently, TLS 1.2 is the version most commonly used today, with 1.0 and 1.1 still supported by many servers for backward compatibility with older browsers, including the one running this blog. TLS 1.3 is the next version, already supported in libraries and server software such as wolfSSL or nginx, and promises to be more efficient – important for battery operated devices (IoT) – thanks to features like zero-RTT (0-RTT) mode, speedy with a restructured handshake state machine, and more secure. However, changes in security protocol may mess up connection with some browsers or middleboxes, as I experience when I enabled https on CNX Software using Let’s Encrypt with nginx and Cloudflare, with around 0.5% of users losing access due to using older web browsers and operating systems such as Internet Explorer on Windows XP. According […]

Exit mobile version